4443 matches found
CVE-2025-25952
An Insecure Direct Object References IDOR in the component /getStudemtAllDetailsById?studentId=XX of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to access sensitive user information via a crafted API request...
CVE-2025-25952
An Insecure Direct Object References IDOR in the component /getStudemtAllDetailsById?studentId=XX of Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR v1.0.118 allows attackers to access sensitive user information via a crafted API request...
PT-2025-9587
Name of the Vulnerable Software and Affected Versions Serosoft Solutions Pvt Ltd Academia Student Information System SIS EagleR version 1.0.118 Description The issue is related to an Insecure Direct Object References IDOR in the component "/getStudemtAllDetailsById?studentId=XX". This allows...
CVE-2025-25952
Summary of CVE-2025-25952 (CISA/CVE listing) Affected product: Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR, v1.0.118. Vulnerability: Insecure Direct Object References (IDOR) in the API endpoint "/getStudemtAllDetailsById?studentId=XX". Exploitation could allow an a...
CVE-2024-50686
SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct object references IDOR via the commonService API model...
CVE-2024-50687
SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct object references IDOR via the devService API model...
CVE-2024-50685
SunGrow iSolarCloud before the October 31, 2024 remediation, is vulnerable to insecure direct object references IDOR via the powerStationService API model...
CVE-2024-50693
SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct object references IDOR via the userService API model...
CVE-2024-50687
SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct object references IDOR via the devService API model...
CVE-2024-50685
SunGrow iSolarCloud before the October 31, 2024 remediation, is vulnerable to insecure direct object references IDOR via the powerStationService API model...
CVE-2024-50693
SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct object references IDOR via the userService API model...
CVE-2024-50687
SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct object references IDOR via the devService API model...
CVE-2024-50686
SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct object references IDOR via the commonService API model...
Insecure Direct Object Reference (IDOR)
github.com/kubesphere/kubesphere is vulnerable to Insecure Direct Object Reference IDOR. The vulnerability is due to missing proper authorization checks, which allow low-privileged authenticated attackers to access sensitive resources directly...
CVE-2024-50685
SunGrow iSolarCloud before the October 31, 2024 remediation, is vulnerable to insecure direct object references IDOR via the powerStationService API model...
CVE-2024-50693
SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct object references IDOR via the userService API model...
CVE-2024-50686
SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct object references IDOR via the commonService API model...
CVE-2024-50689
SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct object references IDOR via the orgService API model...
SunGrow iSolarCloud 安全漏洞
SunGrow iSolarCloud is an Android app for new energy power plant management from China SunGrow SunGrow. It is used for power plant data collection, monitoring, operation and maintenance and operation management. A security vulnerability exists in SunGrow iSolarCloud, which stems from an insecure...
CVE-2024-50685
SunGrow iSolarCloud is vulnerable to insecure direct object references (IDOR) in the powerStationService API model, affecting the iSolarCloud Android app and related cloud services. The root cause is IDOR flaws that could allow unauthorized access to user data and potentially modify key identifyi...